[pmwiki-users] AuthUser and an external DB
Jeff Brown
sparks at ts4b.com
Mon Sep 10 17:38:14 CDT 2007
Hi
I am new to PmWiki. Trying to get AuthUser to authenticate against a forum
database. I want only my forum members to edit wiki pages. For a couple
reasons, I am not using AuthUserDB, I am calling the PHP ODBC module directly.
I've written a script (based on AuthUserBBPress) which queries my database
and returns true/false on user, pswd challenge. This code is at the end of
this email. I've tested this script on it's own and it works.
Along with defining the SnitzAuthDB in my config, I have:
$DefaultPasswords['edit'] = 'id:*';
include_once "cookbook/snitzauth.php";
include_once 'scripts/authuser.php';
Do I need something on my Site.AuthUser page to tell AuthUser how to call
my script, snitzauth.php?
When trying to edit any page, I get a user/pass challenge, but only
"Name/password not recognized".
Can anyone point me in the right direction?
Many Thanks - Jeff
<?php if (! defined ('PmWiki')) exit;
/*
* Authenticate Against a Snitz Forums user database using ODBC to a DSN
*
* To use, import and set the SnitzAuthDb array as follows:
* $SnitzAuthDb = array(
* 'dsn' => 'connection name',
* 'user' => 'dbuser',
* 'password' => 'dbpass',
* 'table' => 'FORUM_MEMBERS',
* 'userfield' => 'M_NAME',
* 'pwfield' => 'M_PASSWORD'
* );
*/
$AuthUserFunctions['snitz'] = 'AuthUserSnitz';
function AuthUserSnitz($pagename, $id, $pw, $pwlist) {
global $SnitzAuthDb;
$link =
odbc_connect($SnitzAuthDb['dsn'],$SnitzAuthDb['user'],$SnitzAuthDb['password']);
if (!$link) die('Could not connect: '.odbc_error());
$user = $SnitzAuthDb['userfield'];
$pass = $SnitzAuthDb['pwfield'];
$table = $SnitzAuthDb['table'];
$id = user_sanitize($id);
$pw = user_sanitize(hash('sha256', $pw));
$ask = "SELECT * from $table WHERE $user='$id' AND $pass='$pw';";
$result = odbc_exec($link, $ask);
if (!$result) die("Could not successfully run query ($query) from DB:
".odbc_error());
return (abs(odbc_num_rows($result)) > 0) ? true : false;
}
function user_sanitize( $text ) {
$text = preg_replace('/[^a-z0-9_-]/i', '', $text);
return $text;
}
?>
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.485 / Virus Database: 269.13.14/999 - Release Date: 9/10/2007 5:43 PM
More information about the pmwiki-users
mailing list